1 1 . A method of creating a digital certificate revocation list (CRL), comprising: 

2 determining a latest owned CRL stored by a CRL recipient; 

3 creating a delta CRL comprising a list of digital certificates with a status of 

4 satisfying at least one inactive criterion, wherein said status has changed since the 

5 latest owned CRL; and 

6 sending the delta CRL to the CRL recipient. 
7 

8 2. The method according to claim 1 , further comprising receiving a request for 

9 a CRL, the request including an indication of the latest owned CRL, and wherein 
1 0 the latest owned CRL is determined by examining the request. 

11 

XI 3. The method according to claim 1 , further comprising formatting the delta 

Jfe CRL as an ASN.1 format delta CRL. 

14 

[|5 4. The method according to claim 1 , wherein the creating comprises comparing 

116 entries in the latest owned CRL with a current CRL. 

:i7 

Cj 8 5. The method according to claim 1 , wherein the creating comprises querying 

Q 9 a database for entries spanning the latest owned CRL and a current CRL. 

§0 

Hg1 6. The method according to claim 1 , wherein the creating comprises merging 

22 data from a plurality of delta CRLs spanning from the latest owned CRL to a current 

23 CRL 
24 

25 7. The method according to claim 1 , further comprising applying a digital 

26 signature to the CRL. 
27 

28 8. An electronic storage medium storing instructions which when executed on 

29 a programmed processor carry out the method of creating a digital certificate 

30 revocation list according to claim 1 . 
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1 9. A method of creating a digital certificate revocation list (CRL), comprising: 

2 receiving a request for a CRL, the request including an indication of a latest 

3 owned CRL; 

4 creating a delta CRL comprising a list of digital certificates satisfying at least 

5 one inactive criterion since the latest owned CRL; and 

6 sending the delta CRL as a reply to the request. 
7 

8 10. The method according to claim 9, further comprising formatting the delta 

9 CRL as an ASN.1 format delta CRL. 
10 

11 11. The method according to claim 9, wherein the creating comprises comparing 

1 2 entries in the latest owned CRL with a current CRL. 

ij 1 4 12. The method according to claim 9, wherein the creating comprises querying 

f I1 15 a database for entries spanning the latest owned CRL and a current CRL. 

if! 16 

hl 17 13. The method according to claim 9, wherein the creating comprises merging 

0 1 8 data from a plurality of delta CRLs spanning from the latest owned CRL to a current 

0 19 CRL. 

fl 20 

H21 14. The method according to claim 9, further comprising applying a digital 

22 signature to the CRL. 
23 

24 1 5. An electronic storage medium storing instructions which when executed on 

25 a programmed processor carry out the method of creating a digital certificate 

26 revocation list according to claim 9. 
27 

28 16. The method according to claim 9, wherein the sending comprises 

29 transmitting the CRL as a reply over an electronic communication medium. 
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1 17. A data structure, stored on a computer readable storage medium or 

2 transported over an electronic communication medium, for a digital certificate 

3 revocation list (CRL), comprising: 

4 a list of digital certificates representing changes to a CRL that have occurred 

5 since generation of at least two additional CRLs; and 

6 a CRL identifier; and 

7 wherein the CRL is formatted as a delta CRL. 
8 

9 18. The data structure according to claim 17, wherein the CRL identifier 

1 0 comprises a sequentially assigned number. 
11 
12 
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